1.在我们的web开发中,常常会遇到表单的重复提交问题,那么我们的解决方案有两种:①重定向:response.sendrediect(); ②token的使用,即做个标记
下面写一个token的例子:(在tomcat上可以运行的。)
1.JSP页面,3个。
index.jsp
<%@ page language="java"import="java.util.*"pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>避免表单重复提交的例子</title>
</head>
<body>
<h4>请支付:</h4>
<%
String token = (String)request.getAttribute("mytoken");
out.print(token);
%>
<formaction="token.jspx?_m=pay"method="post">
<inputtype="hidden"name="token"value="<%=token %>"/>
<inputtype="text"name="money"/>
<inputtype="submit"value="支付"/>
</form>
</body>
</html>
suc.jsp
<%@ page language="java"import="java.util.*"pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>支付成功</title>
</head>
<body>
<h2style="color:red;">支付成功!感谢您的使用!</h2>
</body>
</html>
error.jsp
<%@ page language="java"import="java.util.*"pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>重复提交了</title>
</head>
<body>
<h2>系统正在处理,请勿重复提交!</h2>
</body>
</html>
2.com.hanchao.web.util是我们工具包
package com.hanchao.web.util;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
/**
* 工具类
* @author hanlw
* 2012-07-09
*/
publicclass TokenUtil {
//定义一个常量,此常量只是为以后取值,传值方便
privatestaticfinal String TOKEN = "TOKEN";
/**
* 获得唯一的token
* @param request
* @return
*/
public String getToken(HttpServletRequest request) {
//★UUID可以产生唯一的序列码
UUID uuid = UUID.randomUUID();
String token = uuid.toString();
HttpSession session = request.getSession();
session.setAttribute(TOKEN, token);
return token;
}
/**
* 验证token
* @param request
* @param requestToken
* @return
*/
publicboolean validateToken(HttpServletRequest request,String requestToken) {
HttpSession session = request.getSession();
String sessionToken = (String) session.getAttribute(TOKEN);
if(sessionToken != null &&
requestToken != null &&
sessionToken.equals(requestToken)) {
session.removeAttribute(TOKEN);
returntrue;
} else {
returnfalse;
}
}
}
3.我们的servlet
package com.hanchao.web.util;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
publicclass TokenServlet extends HttpServlet {
privatestaticfinallong serialVersionUID = 1L;
publicvoid doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String method = request.getParameter("_m");
if("pay".equals(method)) {
pay(request,response);
} elseif("tosave".equals(method)) {
save(request,response);
}
}
/**
* 产生token
* @param request
* @param response
* @throws ServletException
* @throws IOException
*/
privatevoid save(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException{
TokenUtil util = new TokenUtil();
String token = util.getToken(request);
request.setAttribute("mytoken", token);
request.getRequestDispatcher("index.jsp").forward(request, response);
}
/**
* 支付
* @param request
* @param response
* @throws ServletException
* @throws IOException
*/
privatevoid pay(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException{
String token = request.getParameter("token");
TokenUtil util = new TokenUtil();
boolean result = util.validateToken(request, token);
if(result) {
String money = request.getParameter("money");
System.out.println("支付"+money+"成功");
request.getRequestDispatcher("suc.jsp").forward(request, response);
} else {
request.getRequestDispatcher("error.jsp").forward(request, response);
}
}
publicvoid doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request,response);
}
}
==================================================================
2013-06-21-add-han
昨天和我们的架构聊到这个问题,因为现在做的项目涉及到了。他说:对于分布式的大型互联网项目,这种token的方式,在高并发时可能会出现问题。所以,也建议用redirect最保险吧。谢谢
转载于:https://blog.51cto.com/hanchaohan/931145
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
